[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-block] [PATCH v2 12/17] qcow2: convert QCow2 to use QCryptoBlo
From: |
Fam Zheng |
Subject: |
Re: [Qemu-block] [PATCH v2 12/17] qcow2: convert QCow2 to use QCryptoBlock for encryption |
Date: |
Thu, 21 Jan 2016 17:54:23 +0800 |
User-agent: |
Mutt/1.5.21 (2010-09-15) |
On Wed, 01/20 17:38, Daniel P. Berrange wrote:
> This converts the qcow2 driver to make use of the QCryptoBlock
> APIs for encrypting image content. As well as continued support
> for the legacy QCow2 encryption format, the appealing benefit
> is that it enables support for the LUKS format inside qcow2.
FWIW, with today's QEMU, it's possible to stack format drivers on top of each
other. In other words, even without this patch, we can make LUKS driver
encrypt/decrypt the qcow2 payload, while keeping them completely orthogonal.
It's someting like:
--------------------
| LUKS |
--------------------
|
v
--------------------
| qcow2 |
--------------------
|
v
--------------------
| file |
--------------------
The command line looks like this:
-drive driver=luks,file.driver=qcow2,file.file.driver=file,\
file.file.filename=$qcow2_image_whose_payload_is_in_luks_format
unfortunately I don't know how to create nested images with qemu-img. I tested
the nested qcow2 by attaching the outter image to a VM and running "qemu-img
create -f qcow2 /dev/vda" in guest shell. Kevin?
Fam
- Re: [Qemu-block] [PATCH v2 10/17] block: add generic full disk encryption driver, (continued)
[Qemu-block] [PATCH v2 13/17] qcow: make encrypt_sectors encrypt in place, Daniel P. Berrange, 2016/01/20
[Qemu-block] [PATCH v2 14/17] qcow: convert QCow to use QCryptoBlock for encryption, Daniel P. Berrange, 2016/01/20
[Qemu-block] [PATCH v2 17/17] block: remove support for legecy AES qcow/qcow2 encryption, Daniel P. Berrange, 2016/01/20
[Qemu-block] [PATCH v2 15/17] block: rip out all traces of password prompting, Daniel P. Berrange, 2016/01/20
[Qemu-block] [PATCH v2 16/17] block: remove all encryption handling APIs, Daniel P. Berrange, 2016/01/20
[Qemu-block] [PATCH v2 12/17] qcow2: convert QCow2 to use QCryptoBlock for encryption, Daniel P. Berrange, 2016/01/20
- Re: [Qemu-block] [PATCH v2 12/17] qcow2: convert QCow2 to use QCryptoBlock for encryption,
Fam Zheng <=